Monday, 14 November 2016

The way user moves his fingers across a phone's touchscreen alters the WiFi signals transmitted by a mobile phone, causing interruptions that an attacker can intercept, analyze, and reverse engineer to guess what the user has typed on his phone or in password input fields.

Thursday, 23 June 2016

Two-factor authentication is an effective way to secure online accounts, but many users avoid enabling this feature to save themselves from irritation of receiving and typing a 6-digit code that takes a few more seconds.

Wednesday, 22 June 2016

Penetration testing requirements often force penetration testers to do both external as well as internal assessments. This article covers the concepts that are required to setup a pentest lab in virtual box, which looks like a real network for a small-scale organization. This can be used as a base for setting up more advanced labs to practice penetration testing concepts in a legal environment.

Monday, 14 December 2015

Are you a security freak looking to learn MongoDB penetration testing? If yes, our little video course “MongoDB Pentesting for Absolute Beginners” is the perfect way to pick up the basics. This course explains common misconfigurations seen in MongoDB and walks the readers through the basics. A lab is then setup followed by assessments which includes Identifying and fixing NoSQL Injection and automated assessments with NoSQLMAP. During the lab setup phase, readers will setup everything from scratch, which includes installing MongoDB and bringing it up, setting up a database for practicing MongoDB assessments, installing PHP drivers and setting up a vulnerable web application for practicing NoSQL Injection attacks with MongoDB.